Daily NCSC-FI news followup 2019-10-27

TrialWorks Ransomware Attack Disrupts Court Cases and Deadlines

www.bleepingcomputer.com/news/security/trialworks-ransomware-attack-disrupts-court-cases-and-deadlines/ TrialWorks, one of the top-rated providers of legal case management software for law firms and attorneys, became the victim of a ransomware attack earlier this month. The ripples of disruption from this incident made it impossible for lawyers to access the legal documents hosted on TrialWorks platform.

New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers

thehackernews.com/2019/10/nginx-php-fpm-hacking.html If you’re running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely.

Facebook takes down false ad from PAC on Republican Graham

www.reuters.com/article/us-usa-election-facebook/facebook-takes-down-false-ad-from-pac-on-republican-graham-idUSKBN1X50IZ Facebook Inc said on Saturday that it had removed an ad which falsely claimed that U.S. Republican Senator Lindsey Graham supported the Green New Deal, demonstrating that it will fact-check ads from political groups but not politicians.

Here’s Why ‘Raccoon’ Infostealer Is Popular With Criminals

www.databreachtoday.in/heres-raccoon-infostealer-popular-criminals-a-13294 The “Raccoon” infostealer, first spotted in the wild earlier this year, is rapidly gaining in popularity on underground forums due to its low cost and ability to steal a wide range of data, including credit card numbers and cryptocurrency wallets, according to a new analysis from Cybereason.

Ransomware Attack Impacts Legal Software Provider Trialworks

nationalcybersecurity.com/ransomware-attack-impacts-legal-software-provider-trialworks/ A ransomware attack has impacted legal software platform provider TrialWorks, blocking roughly 5 percent of the companys customers from accessing their case management accounts, according to The Miami Herald. In response, TrialWorks may have paid the ransomware in a bid to decrypt the infected case management software systems, BleepingComputer speculates.

Credential Theft: How It Works and How to Mitigate It

jumpcloud.com/blog/credential-theft-mitigation/ n the spirit of National Cybersecurity Awareness Month, were running a three-part series on how to shore up identity security and help prevent a data breach. In our first post below, well take a look at how credential theft really works and how to combat it.

gTLD Registry Operators Not Monitoring for Security Threats

www.digitaljournal.com/internet/gtld-registry-operators-not-monitoring-for-security-threats/article/560610 Registry operators that want to ensure the security of their domains on offer and in use can quickly assess these for the presence of threats with the aid of a domain reputation checker. This is one of the various ways, they may avoid being flagged for insufficient monitoring a salient problem according to recent news.

You might be interested in …

Daily NCSC-FI news followup 2019-07-14

Ongoing DNS hijacking and mitigation advice www.ncsc.gov.uk/news/ongoing-dns-hijacking-and-mitigation-advice Since that alert was published we have observed further activity, with victims of DNS hijacking identified across multiple regions and sectors. This Advisory covers some of the risks for organisations around DNS hijacking activity and gives advice on ways the risks can be mitigated.. Report at s3.eu-west-1.amazonaws.com/ncsc-content/files/Advisory-DNS-hijacking.pdf Guidance […]

Read More

Daily NCSC-FI news followup 2019-10-24

Some ICS Security Incidents Resulted in Injury, Loss of Life: Survey www.securityweek.com/some-ics-security-incidents-resulted-injury-loss-life-survey Some of the recent cybersecurity incidents involving industrial control systems (ICS) have resulted in injury and even loss of life, according to a survey conducted by Control Systems Cyber Security Association International (CS2AI). Cyber chief: The IoT could provide a model for improved […]

Read More

Daily NCSC-FI news followup 2019-08-20

Guccifer Rising? Months-Long Phishing Campaign on ProtonMail Targets Dozens of Russia-Focused Journalists and NGOs www.bellingcat.com/news/uk-and-europe/2019/08/10/guccifer-rising-months-long-phishing-campaign-on-protonmail-targets-dozens-of-russia-focused-journalists-and-ngos/ A sophisticated phishing campaign targeting Bellingcat and other Russia-focused journalists has been much larger in scope than previously thought, and has lasted at least several months. Bellingcat has identified dozens of targeted individuals across Europe and the US, with the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.